Jscrambler Raises $2.3M Series A Funding To Protect Web And Mobile Applications

Jscrambler is a Web startup that works on highly innovative security products to protect Web and Mobile Applications. The company recently announced $2.3 Million Series A funding round. Its flagship product, Jscrambler, is the leader in JavaScript Application Security and the only client-side RASP solution to make applications self-defensive and resilient to tampering and reverse-engineering. Recently, a new webpage integrity module was introduced that enables the detection and removal of code injections, MITB attacks, DOM-tampering and data exfiltration on the client-side in real-time. To find out more about their platform we sat down with Pedro Fortuna, the Founder and CTO of Jscrambler:

Q: Could you tell us something more about your core competence?

A: Web technologies, and JavaScript in particular, appeared 20 years ago, and were meant to do simple operations at the time but, nowadays, JavaScript apps became much more complex. Companies have acknowledged the power of the language and are using it to develop almost anything that is important for them. This raises concerns as more and more sensitive logic is being developed in JavaScript. Important data and intellectual property is being put on the client-side. It’s not enough to find security vulnerabilities and fix them; companies and developers must also make sure that their web applications are as resilient as it can be against user-experience tampering, malware injection, data leakage, Man-In-The-Browser (MitB) attacks intellectual property and code theft. That’s precisely what Jscrambler does.

A: Application development—mobile or web apps—has been evolving at a much faster pace than our ability to solve the security risks that we are creating. Every day we are demanding more and more sensitive data accessible from a plethora of devices. Companies are adopting the most recent technologies for developing and deploying these apps. The problem is that, to date, companies have been focused on the threats via servers and have paid little attention to the hidden dangers of hacks through the client-side, when the users are the ones that are compromised.

If we consider that an application encompasses both the server and the client side and that the client side solution doesn’t necessarily have to be endpoint security, since solutions such as antivirus have a low success rate of around 40%, then we understand the thinking behind Jscrambler – every web application needs to have its own cloaking system and defence, being responsible for its own security and not throwing this responsibility to its users, that lack the knowledge and resources to protect themselves.

Q: Can you give us insights into your features?

A: Jscrambler is an application integrity platform that offers a complete security solution to tamper-proof JavaScript applications including HTML5 and Node.js. Jscrambler is composed by two modules:

Code Integrity Module is focused on protecting the code, guaranteeing that the application’s code is tamper-proof, self-defensive and concealed with:

• Polymorphic JavaScript Obfuscation: the most advanced JavaScript Obfuscation techniques combined with polymorphic behaviour;
• Code Traps: can restrict when, where and by whom the application is executed;
• Self-Defending: if Jscrambler detects that your code was tampered or if suspicious debugging activities are in action, it can stop the app from running;
• Real-time Notifications: be warned in case your web application is being tampered or used in a different environment or date other than the one you have defined.

With Webpage Integrity Module, organizations with a strong online presence where fraud is a significant risk are also able to protect their webpages with:

A: This investment will accelerate European and North-American market expansion and help more companies prevent and fight attacks that are growing in frequency and complexity but are being detected too late, with serious financial and reputational consequences for organizations. In addition, it will also ensure the continued development of our product portfolio. Jscrambler will definitely continue to be a disruptive player, revolutionizing the application security scene, and delivering the most resilient solutions for client-side security that companies and individuals can rely on.